Exploit Database - Logo

Clickblog - Displaycalendar.asp SQL Injection

EDB-ID: 29192 Author: Aria-Security Team Published: 2006-11-27
CVE: CVE-2006-6189 Type: Webapps Platform: ASP
Aliases: N/A Advisory/Source: Link Tags: Vulnerability
E-DB Verified: Verified Exploit: Download Exploit Code Download / View Raw Vulnerable App: N/A
« Previous Exploit Next Exploit » 
source: http://www.securityfocus.com/bid/21310/info

Clickblog is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

http://www.example.com/displayCalendar.asp?date=[SQL Injection]

Related Exploits

Trying to match CVEs (1): CVE-2006-6189
Trying to match OSVDBs (1): 32041
Other Possible E-DB Search Terms: Clickblog
Date D V Title Author
2006-09-14Download Exploit Code Verified ClickBlog! 2.0 - default.asp SQL Injectionajann
Menu